classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn
 

Search...
Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2018


Our dependence on cyber-connectivity
November 2018, This Week's Editor's Pick, Cyber Security, Government and Parastatal (Industry)

What would your life (or even a day) be like without all the amenities we take for granted? Our nation’s cities and critical infrastructure are almost totally reliant on the Internet.

Craig Rosewarne
Craig Rosewarne

A doomsday scenario could begin with waking up to no electricity and water. You attempt to contact the office, but all telecoms are down. Thank heavens you can get to the office you surmise, but alas not. Petrol stations are closed, all banking systems are offline, highways are snarled with out of gas or hacked vehicles. Supermarkets are being invaded and looted as panic sets in. Emergency services collapse with medical facilities in particular being forced to turn away patients.

As the days and weeks pass, money begins to lose its value and people begin to return to trading in gold and other precious commodities. The black-market booms and simple items such as batteries, LP gas, solar panels, bottled water, etc. suddenly begin to be much sought-after items.

Impossible you may say. However, unless we all play our part to protect our infrastructure, the above is a very real scenario.

Just ask Ukrainians who received a small dose of state sponsored attacks from 2015 onwards. Virtually every sector of their nation’s critical infrastructure has been targeted, namely energy, media, military, finance and political system.

“If you close your eyes to facts, you will learn through accidents” – African proverb
“If you close your eyes to facts, you will learn through accidents” – African proverb

Safeguarding the nation’s critical infrastructure

The health, safety, security, economic well-being of citizens, effective functioning of government and perhaps even the survival of the industrialised world relies heavily upon interconnected critical systems. A country may experience widespread disruption, or even experience loss of human life if these systems become inoperable.

The reliability, stability and protection of interconnecting information infrastructures have become key to the operation of a nation’s critical systems. National Critical Information Infrastructures (CII) include information infrastructures, which support essential components vital to a national economy.

They usually comprise of a number of different infrastructures, interconnections and critical information flows between them. Traditionally closed Operational Technology (OT) systems are now being given IP addresses. Terms such as Industry 4.0, artificial intelligence, autonomous vehicles and Internet of Things (IoT) are now opening up all sectors to cyberspace. This allows cyber threats to make their way out of traditional back-office systems and into critical infrastructures such as power generation, transportation and other automation systems. Like all developing countries, South Africa has an increasing number of interconnected electronic systems.

Not only a challenge for government

Due to mounting pressure from both external and internal threats, South African organisations responsible for critical infrastructure need to have a consistent and iterative risk-based approach towards identifying, assessing and managing cybersecurity risk. This needs to become a priority, regardless of the organisation’s size, threat exposure or cybersecurity sophistication. Table 1 highlights key critical infrastructure stakeholders across the public and private sectors in SA.

Table 1.
Table 1.

An approach for securing our critical infrastructure

Although South African organisations have made great strides in information security in general, additional measures are needed to protect our national CII.

1. Prevent

Utilise a Threat Intelligence approach to predict the most likely attacks, targets and methods. Prevent or deter attacks so that no loss is experienced. Develop organisational understanding in order to manage cybersecurity risk to systems, assets, data and capabilities. Develop and implement the appropriate safeguards to ensure delivery of critical infrastructure services.

2. Detect

Develop a capable threat detection capability: trained staff, appropriate monitoring processes and implement technology to identify vulnerabilities or the occurrence of a cybersecurity event.

3. Respond

Utilise an effective incident management framework and establish a business-aligned incident response team. Develop incident procedures, ‘battle guides’ and run simulation exercises to allow a rapid response to incidents.

4. Recover

Develop and implement the appropriate activities to maintain plans for resilience. Restore any capabilities or services that were impaired by a cybersecurity event.

Valuable lessons learned

Critical Information Infrastructure Protection (CIIP) is the shared responsibility of both the public and private sector.

• The most effective way to secure a business is to use a combination of layered cyber and physical information in addition to human security measures.

• Measures should be proportionate to the expected threat and risk profile of your organisation, as well as the specific industry and location of operations.

• It is not possible to protect all assets at all times. Prioritise the key areas to protect first.

• Security is more cost effective when incorporated into longer-term planning.

For more information contact Wolfpack Information Risk, +27 11 794 7322, info@wolfpackrisk.com, www.wolfpackrisk.com


Credit(s)
  Share via Twitter   Share via LinkedIn      

Further reading:

  • 2019 Internet of Things (IoT) Barometer
    March 2019, This Week's Editor's Pick, Integrated Solutions, IT infrastructure
    A majority of businesses that use IoT technology agree that it has either disrupted their industry or will do so in the next five years.
  • Ideal operating temperature?
    March 2019, Leaderware, Technews Publishing, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring
    Walk into any CCTV control room in South Africa, whether in the middle of a heat wave or mid-winter, and you will probably see a number of operators wearing jackets, some huddled over slightly in an attempt to get warm.
  • Halt, who goes there?
    March 2019, Technews Publishing, Wolfpack Information Risk, This Week's Editor's Pick, Cyber Security
    As long as organisations treat their physical and cyber domains as separate, there is little hope of securing either one.
  • Using security to enhance the customer experience?
    March 2019, Axis Communications SA, Fidelity ADT Security, ISDS, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Integrated Solutions, Security Services & Risk Management, Retail (Industry)
    Customer experience will overtake price and product as the key retail brand differentiator by the year 2020. Will the security industry be part of this transformation?
  • Intelligent video transforms the ­in-store experience
    March 2019, Hikvision South Africa, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
    The customer experience is more important than ever as retailers are striving to ­differentiate themselves in a challenging and crowded market.
  • Enabling smarter cash handling solutions
    March 2019, Technews Publishing, Cash Connect, This Week's Editor's Pick, Asset Management, EAS, RFID
    Modern retail cash management has evolved so far from the old ‘dumb’ safe that it has become an essential enabler of today’s business.
  • IoT is convergence in action
    March 2019, Gijima Electronic and Security Systems (GESS), NEC XON, Technews Publishing, Axiz, G4S South Africa, This Week's Editor's Pick, Cyber Security, Integrated Solutions, IT infrastructure
    The Internet of Things gains more than enough attention these days, but the IoT demonstrates the reality of the convergence between the physical and cyber worlds, and physical security is part of it.
  • Stop hacking of access control ­systems
    March 2019, This Week's Editor's Pick, Access Control & Identity Management, Cyber Security
    Think someone hacking your access control system not a big deal? Scott Lindley suggests that you think again.
  • Changing the security landscape
    March 2019, Technews Publishing, This Week's Editor's Pick, News, Security Services & Risk Management
    Using smart technology and an intelligent platform, Aura has a vision to reduce crime in South Africa by 50% by 2025.
  • New cybersecurity pavilion for Securex 2019
    March 2019, Securex South Africa , This Week's Editor's Pick, Cyber Security, News, Conferences & Events, Training & Education
    Securex South Africa 2019 has announced that 4Sight Technologies, a subsidiary of an international holdings company focusing on investing in Industry 4.0 companies, has signed on as the official sponsor ...
  • Countering the threats of retail ­terrorist vehicle attacks
    March 2019, This Week's Editor's Pick, Access Control & Identity Management, Security Services & Risk Management, Retail (Industry)
    Bollard systems operate individually or in groups and are aesthetically pleasing and let pedestrians move between them in non-roadway applications.
  • The inevitability of convergence
    March 2019, Securex South Africa , This Week's Editor's Pick, Conferences & Events, Training & Education
    Physical and cybersecurity are converging and the need for a combination of cyber and physical defences will soon, if they aren’t already, become a non-negotiable.

 
 
         
Contact:
Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Other
Terms & conditions of use, including privacy policy
PAIA Manual
         
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.